Vulnerability Details CVE-2020-18544
SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php".
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 81.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2020-18544
-
cpe:2.3:a:wms_project:wms:1.0